oweals/openwrt.git
5 years agoprocd: procd_send_signal use signal names
Kevin Darbyshire-Bryant [Tue, 2 Jan 2018 14:34:51 +0000 (14:34 +0000)]
procd: procd_send_signal use signal names

Usage documentation for 'procd_send_signal' states "The signal is SIGHUP
by default, and must be specified by NAME."  Make actual behaviour match
the stated documented behaviour.

https://wiki.openwrt.org/inbox/procd-init-scripts

Suggested-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 37bb463daa21e2c97365c6543b2bfdfe673c5baa)

5 years agorules.mk: fix syntax error
Jo-Philipp Wich [Thu, 29 Nov 2018 11:32:34 +0000 (12:32 +0100)]
rules.mk: fix syntax error

Fix broken assignment operator added in a previous commit.

Fixes db73ec9f51 ("rules.mk: add INSTALL_SUID macro")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 1416b63dcbadbb5c11c2591b4513f5276b6dc744)

5 years agorules.mk: add INSTALL_SUID macro
Jo-Philipp Wich [Thu, 29 Nov 2018 10:59:20 +0000 (11:59 +0100)]
rules.mk: add INSTALL_SUID macro

This is useful for packages that want to stage SUID executables.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit b0261ee5e9bcbc743960727b5aad1829250d1add)

5 years agobase-files: fix prerm return value, align with postinst code
Tony Ambardar [Sat, 3 Mar 2018 04:04:36 +0000 (20:04 -0800)]
base-files: fix prerm return value, align with postinst code

The return value of a package prerm script is discarded and not returned
correctly by default_prerm(). This allows other operations like service
shutdown to "leak" their return value, prompting workarounds like commit
48cfc826 which do not address the root cause.

Preserve a package prerm script return value for use by default_prerm(),
sharing the corresponding code from default_postinst() for consistency.
Also use consistent code for handling of /etc/init.d/ scripts.

Run Tested on: LEDE 17.01.4 running ar71xx.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 8806da86f5da3b1b1e4d24259d168e2219c01a26)

5 years agosdk: find kernel modules when KDIR is a symlink
Karl Vogel [Thu, 29 Nov 2018 08:07:21 +0000 (09:07 +0100)]
sdk: find kernel modules when KDIR is a symlink

The find statement would not return any results if the KDIR_BASE pointed to a
symlink. Ran into this issue due to a custom Kernel/Prepare that was installing
a symlink to the kernel directory.

The extra slash at the end fixes this scenario and does no harm for targets that
have a proper KDIR.

Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
(cherry picked from commit ae980458abf8299d614f4b34add32e18d054378d)

5 years agouhttpd: update to latest Git head
Jo-Philipp Wich [Wed, 28 Nov 2018 12:07:36 +0000 (13:07 +0100)]
uhttpd: update to latest Git head

cdfc902 cgi: escape url in 403 error output
0bba1ce uhttpd: fix building without TLS and Lua support
2ed3341 help: document -A option
fa5fd45 file: fix CPP syntax error
77b774b build: avoid redefining _DEFAULT_SOURCE
b741dec lua: support multiple Lua prefixes
952bf9d build: use _DEFAULT_SOURCE
30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods
796d42b client: flush buffered SSL output when tearing down client ustream
393b59e proc: expose HTTP Origin header in process environment
8109b95 file: escape strings in HTML output
d3b9560 utils: add uh_htmlescape() helper
db86175 lua: honour size argument in recv()

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agouclient: update to latest Git head
Jo-Philipp Wich [Sat, 24 Nov 2018 19:10:26 +0000 (20:10 +0100)]
uclient: update to latest Git head

3ba74eb uclient-http: properly handle HTTP redirects via proxy connections

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 0bd99db5118665bbe17f84427238c322af3deaae)

5 years agobase-files: fix unkillable processes after restart
Linus Kardell [Thu, 22 Nov 2018 10:35:08 +0000 (11:35 +0100)]
base-files: fix unkillable processes after restart

When restart is run on an init script, the script traps SIGTERM. This is
done as a workaround for scripts named the same name as the program they
start. In that case, the init script process will have the same name as
the program process, and so when the init script runs killall, it will
kill itself. So SIGTERM is trapped to make the init script unkillable.

However, the trap is retained when the init script runs start, and thus
processes started by restart will not respond to SIGTERM, and will thus
be unkillable unless you use SIGKILL. This fixes that by removing the
trap before running start.

Signed-off-by: Linus Kardell <linus@telliq.com>
(cherry picked from commit 2ac1a57677ce4e21513dca2a8efab1eb6e0a9c58)

5 years agolibubox: update to latest git HEAD
Rafał Miłecki [Fri, 16 Nov 2018 16:21:49 +0000 (17:21 +0100)]
libubox: update to latest git HEAD

4382c76 switch from typeof to the more portable __typeof__

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: add 2 more recent changes
Rafał Miłecki [Fri, 9 Nov 2018 22:24:11 +0000 (23:24 +0100)]
mac80211: brcmfmac: add 2 more recent changes

First one is a fix for reporting channels to the user space. Important
for users as they could try setting invalid channel and fail to start an
interface.

Later is a support for newer FullMAC chipset firmwares.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmutil: backport chanspec debugging patch
Rafał Miłecki [Wed, 7 Nov 2018 12:10:20 +0000 (13:10 +0100)]
mac80211: brcmutil: backport chanspec debugging patch

It helps debugging possible WARN-ings.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport the latest 4.20 changes
Rafał Miłecki [Wed, 7 Nov 2018 12:06:52 +0000 (13:06 +0100)]
mac80211: brcmfmac: backport the latest 4.20 changes

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b50f162b3cce3d95874e4394f4765413f58765f1)

6 years agomac80211: brcmfmac: rename 4.20 backport patches
Rafał Miłecki [Wed, 7 Nov 2018 12:06:48 +0000 (13:06 +0100)]
mac80211: brcmfmac: rename 4.20 backport patches

Include kernel version to help tracking changes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: add iw command wrapper with error logging
Rafał Miłecki [Tue, 4 Sep 2018 13:20:34 +0000 (15:20 +0200)]
mac80211: add iw command wrapper with error logging

Currently it's close to impossible to tell what part of mac80211 setup
went wrong. Errors logged into system log look like this:
radio0 (6155): command failed: No error information (-524)
radio0 (6155): command failed: Not supported (-95)
radio0 (6155): command failed: I/O error (-5)
radio0 (6155): command failed: Too many open files in system (-23)

With this commit change it's getting clear:
command failed: No error information (-524)
Failed command: iw dev wlan0 del
command failed: Not supported (-95)
Failed command: iw phy phy0 set antenna_gain 0
command failed: I/O error (-5)
Failed command: iw phy phy0 set distance 0
command failed: Too many open files in system (-23)
Failed command: iw phy phy0 interface add wlan0 type __ap

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ffa80bf5a784a34b81e32144669f30560780bdb6)

6 years agomac80211: brcmfmac: backport first important changes from the 4.20
Rafał Miłecki [Wed, 12 Sep 2018 07:33:34 +0000 (09:33 +0200)]
mac80211: brcmfmac: backport first important changes from the 4.20

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agoLEDE v17.01.6: revert to branch defaults
Hauke Mehrtens [Sun, 2 Sep 2018 13:16:13 +0000 (15:16 +0200)]
LEDE v17.01.6: revert to branch defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agoLEDE v17.01.6: adjust config defaults v17.01.6
Hauke Mehrtens [Sun, 2 Sep 2018 13:16:09 +0000 (15:16 +0200)]
LEDE v17.01.6: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agogrub2: rebase patches
Jo-Philipp Wich [Thu, 23 Aug 2018 17:08:58 +0000 (19:08 +0200)]
grub2: rebase patches

Patch 300-CVE-2015-8370.patch was added without proper rebasing on the
version used by OpenWrt, make it apply and refresh the patch to fix
compilation.

Fixes: 7e73e9128f ("grub2: Fix CVE-2015-8370")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9ffbe84ea49fc643f41bfdf687de99aee17c9154)

6 years agobzip2: Fix CVE-2016-3189
Rosen Penev [Thu, 23 Aug 2018 02:07:56 +0000 (19:07 -0700)]
bzip2: Fix CVE-2016-3189

Issue causes a crash with specially crafted bzip2 files.

More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f9469efbfa7ce892651f9a6da713eacbef66f177)

6 years agogrub2: Fix CVE-2015-8370
Rosen Penev [Thu, 23 Aug 2018 02:07:57 +0000 (19:07 -0700)]
grub2: Fix CVE-2015-8370

This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.

More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7e73e9128f6a63b9198c88eea97c267810447be4)

6 years agoscripts: bundle-libraries: fix logic flaw
Jo-Philipp Wich [Wed, 29 Aug 2018 11:16:34 +0000 (13:16 +0200)]
scripts: bundle-libraries: fix logic flaw

Previous refactoring of the script moved the LDSO detection into a
file-not-exists condition, causing onyl the very first executable to
get bundled.

Solve the problem by unconditionally checking for LDSO again.

Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5ebcd32997b6d10abcd29c8795a598fdcaf4521d)

6 years agoscripts: bundle-libraries: prevent loading host locales (FS#1803)
Jo-Philipp Wich [Sat, 25 Aug 2018 12:46:57 +0000 (14:46 +0200)]
scripts: bundle-libraries: prevent loading host locales (FS#1803)

Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.

The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.

Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9030a78a716b0a2eeed4510d4a314393262255c2)

6 years agokernel: bump kernel 4.4 to version 4.4.153
Hauke Mehrtens [Thu, 30 Aug 2018 10:47:44 +0000 (12:47 +0200)]
kernel: bump kernel 4.4 to version 4.4.153

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agomt76: Fix mirror hash
Hauke Mehrtens [Thu, 30 Aug 2018 09:55:30 +0000 (11:55 +0200)]
mt76: Fix mirror hash

The mirror hash added in this commit was wrong.
The file on the mirror server and the newly generated file from git have
a different hash value, use that one.

Fixes: 4b5861c47 ("mt76: update to the latest version")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agodropbear: backport upstream fix for CVE-2018-15599
Hans Dedecker [Fri, 24 Aug 2018 13:02:24 +0000 (15:02 +0200)]
dropbear: backport upstream fix for CVE-2018-15599

CVE description :
The recv_msg_userauth_request function in svr-auth.c in Dropbear through
2018.76 is prone to a user enumeration vulnerability because username
validity affects how fields in SSH_MSG_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agokernel: bump kernel 4.4 to version 4.4.151
Hauke Mehrtens [Wed, 22 Aug 2018 18:40:53 +0000 (20:40 +0200)]
kernel: bump kernel 4.4 to version 4.4.151

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agokernel: bump kernel 4.4 to version 4.4.150
Hauke Mehrtens [Tue, 21 Aug 2018 21:22:01 +0000 (23:22 +0200)]
kernel: bump kernel 4.4 to version 4.4.150

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agotools/e2fsprogs: update to 1.44.1
Paul Wassi [Mon, 26 Mar 2018 11:51:01 +0000 (13:51 +0200)]
tools/e2fsprogs: update to 1.44.1

Update e2fsprogs to upstream 1.44.1 (feature and bugfix release)

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
(cherry picked from commit 8262179f4a007035a531bb913261f5f91115fad8)

6 years agoe2fsprogs: bump to 1.44.0
Ansuel Smith [Fri, 9 Mar 2018 01:29:58 +0000 (02:29 +0100)]
e2fsprogs: bump to 1.44.0

Fix compilation error

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit a9c00578b5c55357117db9dbbbd4e5652b9b4648)

6 years agotools/e2fsprogs: Update to 1.43.7
Rosen Penev [Wed, 22 Nov 2017 05:57:53 +0000 (21:57 -0800)]
tools/e2fsprogs: Update to 1.43.7

Compile tested on Fedora 27.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 08cc9a2ca8536e9808b60145cd0e10bdcfc98aca)

6 years agotools/e2fsprogs: Update to 1.43.6
Daniel Engberg [Fri, 8 Sep 2017 07:42:23 +0000 (09:42 +0200)]
tools/e2fsprogs: Update to 1.43.6

Update e2fsprogs to 1.43.6
* Remove FreeBSD patch as it's not needed, FreeBSD 9.1 is EoL and this
  is compiling on FreeBSD 11.1.
* Remove libmagic patch, RHEL 5 is EoL (End of Production Phase) since
  March 31, 2017.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit ed617fd8f2f39e18ad435883db5b4100e6f7f977)

6 years agotools/e2fsprogs: Update to 1.43.5
Daniel Engberg [Mon, 7 Aug 2017 02:42:21 +0000 (04:42 +0200)]
tools/e2fsprogs: Update to 1.43.5

Update e2fsprogs to 1.43.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 8477d5454531a35306d57c123c89602fee71a07f)

6 years agotools/e2fsprogs: Update to 1.43.4
Daniel Engberg [Mon, 6 Feb 2017 19:05:36 +0000 (20:05 +0100)]
tools/e2fsprogs: Update to 1.43.4

* Update to 1.43.4
* Refresh patches
* xz tarball which saves about 2M in size

Changelog: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4

Tested by Etienne Haarsma (ar71xx), Daniel Engberg (kirkwood)

Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [use @KERNEL instead of harcoded URL]
(cherry picked from commit 34ba64fe708e45b7c042e2d273e66d4ce03df4e3)

6 years agoRevert "tools/e2fsprogs: fix building on a glibc 2.27 host"
Matthias Schiffer [Tue, 21 Aug 2018 18:29:12 +0000 (20:29 +0200)]
Revert "tools/e2fsprogs: fix building on a glibc 2.27 host"

This reverts commit 58a95f0f8ff768b43d68eed2b6a786e0f40f723b.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agotools/bison: Update to 3.0.5
Daniel Engberg [Thu, 7 Jun 2018 17:21:12 +0000 (19:21 +0200)]
tools/bison: Update to 3.0.5

Update bison to 3.0.5
Bugfix release
Remove 001-fix-macos-vasnprintf.patch as it is fixed upstream

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
6 years agomac80211: brcmfmac: fix compilation with SDIO support
Rafał Miłecki [Fri, 17 Aug 2018 10:26:53 +0000 (12:26 +0200)]
mac80211: brcmfmac: fix compilation with SDIO support

This fixes following error when compiling with CONFIG_BRCMFMAC_SDIO=y:
drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c:1100:23: error: 'sdiod' undeclared (first use in this function)
   brcmf_dev_coredump(&sdiod->func1->dev);

Fixes: 9d8940c5b92f ("mac80211: brcmfmac: backport important changes from the 4.18")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport patch setting WIPHY_FLAG_HAVE_AP_SME
Rafał Miłecki [Thu, 16 Aug 2018 14:34:21 +0000 (16:34 +0200)]
mac80211: brcmfmac: backport patch setting WIPHY_FLAG_HAVE_AP_SME

It's an important hint for authenticator (e.g. hostapd) about hardware
capabilities.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.19
Rafał Miłecki [Thu, 16 Aug 2018 09:38:30 +0000 (11:38 +0200)]
mac80211: brcmfmac: backport important changes from the 4.19

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.18
Rafał Miłecki [Thu, 16 Aug 2018 09:26:10 +0000 (11:26 +0200)]
mac80211: brcmfmac: backport important changes from the 4.18

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.16
Rafał Miłecki [Thu, 16 Aug 2018 08:58:27 +0000 (10:58 +0200)]
mac80211: brcmfmac: backport important changes from the 4.16

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.15
Rafał Miłecki [Thu, 16 Aug 2018 08:48:54 +0000 (10:48 +0200)]
mac80211: brcmfmac: backport important changes from the 4.15

Two more patches that may be worth backporting in the future:
fdd0bd88ceae brcmfmac: add CLM download support
cc124d5cc8d8 brcmfmac: fix CLM load error for legacy chips when user helper is enabled

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.14
Rafał Miłecki [Thu, 16 Aug 2018 08:29:56 +0000 (10:29 +0200)]
mac80211: brcmfmac: backport important changes from the 4.14

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.13
Rafał Miłecki [Thu, 16 Aug 2018 08:19:01 +0000 (10:19 +0200)]
mac80211: brcmfmac: backport important changes from the 4.13

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport important changes from the 4.12
Rafał Miłecki [Thu, 16 Aug 2018 08:02:41 +0000 (10:02 +0200)]
mac80211: brcmfmac: backport important changes from the 4.12

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: backport use-after-free fix from 4.11
Rafał Miłecki [Thu, 16 Aug 2018 07:48:51 +0000 (09:48 +0200)]
mac80211: brcmfmac: backport use-after-free fix from 4.11

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agomac80211: brcmfmac: group 4.11 backport patches
Rafał Miłecki [Thu, 16 Aug 2018 07:15:12 +0000 (09:15 +0200)]
mac80211: brcmfmac: group 4.11 backport patches

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agoopenssl: update to version 1.0.2p
Hauke Mehrtens [Wed, 15 Aug 2018 20:17:11 +0000 (22:17 +0200)]
openssl: update to version 1.0.2p

This fixes the following security problems:
 * CVE-2018-0732: Client DoS due to large DH parameter
 * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agokernel: bump kernel 4.4 to version 4.4.148
Hauke Mehrtens [Wed, 15 Aug 2018 16:53:23 +0000 (18:53 +0200)]
kernel: bump kernel 4.4 to version 4.4.148

The following patch was integrated upstream:
 * target/linux/generic/patches-4.4/005-ext4-fix-check-to-prevent-initializing-reserved-inod.patch

This fixes tries to work around the following security problems:
 * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
 * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agombedtls: update to version 2.7.5
Hauke Mehrtens [Fri, 10 Aug 2018 19:54:02 +0000 (21:54 +0200)]
mbedtls: update to version 2.7.5

This fixes the following security problems:
* CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites through a timing side-channel
* CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through a cache based side-channel

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agocurl: fix some security problems
Hauke Mehrtens [Fri, 10 Aug 2018 19:39:06 +0000 (21:39 +0200)]
curl: fix some security problems

This fixes the following security problems:
* CVE-2017-1000254: FTP PWD response parser out of bounds read
* CVE-2017-1000257: IMAP FETCH response out of bounds read
* CVE-2018-1000005: HTTP/2 trailer out-of-bounds read
* CVE-2018-1000007: HTTP authentication leak in redirects
* CVE-2018-1000120: FTP path trickery leads to NIL byte out of bounds write
* CVE-2018-1000121: LDAP NULL pointer dereference
* CVE-2018-1000122: RTSP RTP buffer over-read
* CVE-2018-1000301: RTSP bad headers buffer over-read

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agowpa_supplicant: fix CVE-2018-14526
John Crispin [Fri, 10 Aug 2018 13:48:21 +0000 (15:48 +0200)]
wpa_supplicant: fix CVE-2018-14526

Unauthenticated EAPOL-Key decryption in wpa_supplicant

Published: August 8, 2018
Identifiers:
- CVE-2018-14526
Latest version available from: https://w1.fi/security/2018-1/

Vulnerability

A vulnerability was found in how wpa_supplicant processes EAPOL-Key
frames. It is possible for an attacker to modify the frame in a way that
makes wpa_supplicant decrypt the Key Data field without requiring a
valid MIC value in the frame, i.e., without the frame being
authenticated. This has a potential issue in the case where WPA2/RSN
style of EAPOL-Key construction is used with TKIP negotiated as the
pairwise cipher. It should be noted that WPA2 is not supposed to be used
with TKIP as the pairwise cipher. Instead, CCMP is expected to be used
and with that pairwise cipher, this vulnerability is not applicable in
practice.

When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data
field is encrypted using RC4. This vulnerability allows unauthenticated
EAPOL-Key frames to be processed and due to the RC4 design, this makes
it possible for an attacker to modify the plaintext version of the Key
Data field with bitwise XOR operations without knowing the contents.
This can be used to cause a denial of service attack by modifying
GTK/IGTK on the station (without the attacker learning any of the keys)
which would prevent the station from accepting received group-addressed
frames. Furthermore, this might be abused by making wpa_supplicant act
as a decryption oracle to try to recover some of the Key Data payload
(GTK/IGTK) to get knowledge of the group encryption keys.

Full recovery of the group encryption keys requires multiple attempts
(128 connection attempts per octet) and each attempt results in
disconnection due to a failure to complete the 4-way handshake. These
failures can result in the AP/network getting disabled temporarily or
even permanently (requiring user action to re-enable) which may make it
impractical to perform the attack to recover the keys before the AP has
already changes the group keys. By default, wpa_supplicant is enforcing
at minimum a ten second wait time between each failed connection
attempt, i.e., over 20 minutes waiting to recover each octet while
hostapd AP implementation uses 10 minute default for GTK rekeying when
using TKIP. With such timing behavior, practical attack would need large
number of impacted stations to be trying to connect to the same AP to be
able to recover sufficient information from the GTK to be able to
determine the key before it gets changed.

Vulnerable versions/configurations

All wpa_supplicant versions.

Acknowledgments

Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
Leuven for discovering and reporting this issue.

Possible mitigation steps

- Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This
can be done also on the AP side.

- Merge the following commits to wpa_supplicant and rebuild:

WPA: Ignore unauthenticated encrypted EAPOL-Key data

This patch is available from https://w1.fi/security/2018-1/

- Update to wpa_supplicant v2.7 or newer, once available

Signed-off-by: John Crispin <john@phrozen.org>
6 years agotools: findutils: fix compilation with glibc 2.28
Luis Araneda [Thu, 9 Aug 2018 02:32:46 +0000 (22:32 -0400)]
tools: findutils: fix compilation with glibc 2.28

Add a temporary workaround to compile with glibc 2.28
as some constants were removed and others made private

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
6 years agotools: m4: fix compilation with glibc 2.28
Luis Araneda [Thu, 9 Aug 2018 02:32:45 +0000 (22:32 -0400)]
tools: m4: fix compilation with glibc 2.28

Add a temporary workaround to compile with glibc 2.28
as some constants were removed and others made private

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
6 years agobrcm47xx: revert upstream commit breaking BCM4718A1
Rafał Miłecki [Fri, 27 Jul 2018 13:57:13 +0000 (15:57 +0200)]
brcm47xx: revert upstream commit breaking BCM4718A1

This fixes kernel hang when booting on BCM4718A1 (& probably BCM4717A1).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4c1aa64b4d804e77dfaa8d53e5ef699fcced4b18)
Fixes: aaecfecdcde5 ("kernel: bump kernel 4.4 to version 4.4.139")

6 years agokernel: ext4: fix check to prevent initializing reserved inodes
Matthias Schiffer [Thu, 9 Aug 2018 20:45:26 +0000 (22:45 +0200)]
kernel: ext4: fix check to prevent initializing reserved inodes

The broken check would detect a newly generated root filesystem as corrupt
under certain circumstances, in some cases actually currupting the it while
trying to handle the error condition.

This is a regression introduced in kernel 4.4.140. The 4.14.y stable series
has already received this fix, while it is still pending for 4.4.y and
4.9.y.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agokernel: bump kernel 4.4 to version 4.4.147
Matthias Schiffer [Thu, 9 Aug 2018 18:25:38 +0000 (20:25 +0200)]
kernel: bump kernel 4.4 to version 4.4.147

target/linux/ar71xx/patches-4.4/103-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
has been applied upstream; the two deleted brcm2708 patches have been
useless even before (as the second one only reverted the first one).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agofirmware: amd64-microcode: update to 20180524
Zoltan HERPAI [Sat, 7 Jul 2018 09:44:02 +0000 (11:44 +0200)]
firmware: amd64-microcode: update to 20180524

  * New microcode update packages from AMD upstream:
    + New Microcodes:
      sig 0x00800f12, patch id 0x08001227, 2018-02-09
    + Updated Microcodes:
      sig 0x00600f12, patch id 0x0600063e, 2018-02-07
      sig 0x00600f20, patch id 0x06000852, 2018-02-06
  * Adds Spectre v2 (CVE-2017-5715) microcode-based mitigation support,
    plus other unspecified fixes/updates.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agofirmware: intel-microcode: bump to 20180703
Zoltan HERPAI [Mon, 30 Jul 2018 13:16:59 +0000 (15:16 +0200)]
firmware: intel-microcode: bump to 20180703

  * New upstream microcode data file 20180703
    + Updated Microcodes:
      sig 0x000206d6, pf_mask 0x6d, 2018-05-08, rev 0x061d, size 18432
      sig 0x000206d7, pf_mask 0x6d, 2018-05-08, rev 0x0714, size 19456
      sig 0x000306e4, pf_mask 0xed, 2018-04-25, rev 0x042d, size 15360
      sig 0x000306e7, pf_mask 0xed, 2018-04-25, rev 0x0714, size 17408
      sig 0x000306f2, pf_mask 0x6f, 2018-04-20, rev 0x003d, size 33792
      sig 0x000306f4, pf_mask 0x80, 2018-04-20, rev 0x0012, size 17408
      sig 0x000406f1, pf_mask 0xef, 2018-04-19, rev 0xb00002e, size 28672
      sig 0x00050654, pf_mask 0xb7, 2018-05-15, rev 0x200004d, size 31744
      sig 0x00050665, pf_mask 0x10, 2018-04-20, rev 0xe00000a, size 18432
      sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728
    + First batch of fixes for: Intel SA-00115, CVE-2018-3639, CVE-2018-3640
    + Implements IBRS/IBPB/STIPB support, Spectre-v2 mitigation
    + SSBD support (Spectre-v4 mitigation) and fix Spectre-v3a for:
      Sandybridge server, Ivy Bridge server, Haswell server, Skylake server,
      Broadwell server, a few HEDT Core i7/i9 models that are actually gimped
      server dies.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years agouclient: update to latest git HEAD
Jo-Philipp Wich [Fri, 3 Aug 2018 21:50:29 +0000 (23:50 +0200)]
uclient: update to latest git HEAD

f2573da uclient-fetch: use package name pattern in message for missing SSL library
9fd8070 uclient-fetch: Check for nullpointer returned by uclient_get_url_filename
f41ff60 uclient-http: basic auth: Handle memory allocation failure
a73b23b uclient-http: auth digest: Handle multiple possible memory allocation failures
66fb58d uclient-http: Handle memory allocation failure
2ac991b uclient: Handle memory allocation failure for url
63beea4 uclient-http: Implement error handling for header-sending
eb850df uclient-utils: Handle memory allocation failure for url file name
ae1c656 uclient-http: Close ustream file handle only if allocated

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit e44162ffca448d024fe023944df702c9d3f6b586)

6 years agodownloads.mk: introduce name-agnostic PROJECT_GIT variable
Jo-Philipp Wich [Fri, 5 Jan 2018 09:43:55 +0000 (10:43 +0100)]
downloads.mk: introduce name-agnostic PROJECT_GIT variable

Introduce a name-agnostic PROJECT_GIT variable poiting to
https://git.openwrt.org/ and declare LEDE_GIT and OPENWRT_GIT
as aliases to it.

After some transition time we can drop this alias variables.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4700544e4068cb72932148ac1ecd294ca1388671)

6 years agosdk: include arch/arm/ Linux includes along with arch/arm64/ ones
Jo-Philipp Wich [Fri, 3 Aug 2018 11:45:27 +0000 (13:45 +0200)]
sdk: include arch/arm/ Linux includes along with arch/arm64/ ones

The Linux headers on arm64 architectures contain references to common
arch/arm/ headers which were not bundled by the SDK so far.

Check if we're packing the SDK for an arm64 target and if we do, also
include arch/arm headers as well.

Fixes FS#1725.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4bb8a678e0e0eaf5c3651cc73f3b2c4cb1d267a2)

6 years agosdk: bundle usbip userspace sources
Jo-Philipp Wich [Wed, 1 Aug 2018 07:11:17 +0000 (09:11 +0200)]
sdk: bundle usbip userspace sources

Bundle the usbip utility sources shipped with the Linux kernel tree in
order to allow the usbip packages from the package feed to build within
the OpenWrt SDK.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d0e0b7049f88774e67c3d5ad6b573f7070e5f900)

6 years agokmod-sched-cake: bump to 20180716
Kevin Darbyshire-Bryant [Sun, 15 Jul 2018 10:01:15 +0000 (11:01 +0100)]
kmod-sched-cake: bump to 20180716

Bump to the latest cake recipe.

This backports tc class support to kernel 4.9 and other than conditional
kernel compilation pre-processor macros represents the cake that has
gone upstream into kernel 4.19.  Loud cheer!

Fun may be had by changing cake tin classification for packets on
ingress. e.g.

tc filter add dev ifb4eth0 parent 800b: protocol ip u32 match \
ip dport 6981 0xffff action skbedit priority 800b:1

Where 800b: represents the filter handle for the ifb obtained by 'tc
qdisc' and the 1 from 800b:1 represents the cake tin number.  So the
above example puts all incoming packets destined for port 6981 into the
BULK (lowest priority) tin.

f39ab9a Obey tin_order for tc filter classifiers
1e2473f Clean up after latest backport.
82531d0 Reorder includes to fix out of tree compilation
52cbc00 Code style cleanup
6cdb496 Fix argument order for NL_SET_ERR_MSG_ATTR()
cab17b6 Remove duplicate call to qdisc_watchdog_init()
71c7991 Merge branch 'backport-classful'
32aa7fb Fix compilation on Linux 4.9
9f8fe7a Fix compilation on Linux 4.14
ceab7a3 Rework filter classification
aad5436 Fixed version of class stats
be1c549 Add cake-specific class stats
483399d Use tin_order for class dumps
80dc129 Add class dumping
0c8e6c1 Fix dropping when using filters
c220493 Add the minimum class ops
5ed54d2 Start implementing tc filter/class support

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit c729c43b391e759b6700b28c8e02ba93fe15f8c2)

6 years agoiproute2: merge upstream CAKE support
Jo-Philipp Wich [Sat, 21 Jul 2018 10:22:09 +0000 (11:22 +0100)]
iproute2: merge upstream CAKE support

Add upstream support for CAKE into iproute2 and conditionally enable it
depending on the build environment we're running under.

When running with SDK=1 and CONFIG_BUILDBOT=y we assume that we're
invoked by the release package builder at
http://release-builds.lede-project.org/17.01/packages/ and produce shared
iproute2 executables with legacy CAKE support for older released kernels.

When not running under the release package builder environment, produce
nonshared packages using the new, upstream CAKE support suitable for
the latest kernel.

Depending on the environment, suffix the PKG_RELEASE field with either
"-cake-legacy" or "-cake-upstream" to ensure that the nonshared packages
are preferred by opkg for newer builds.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoWDR4900v1 remove dt node for absent hw crypto.
Tim Small [Wed, 4 Jul 2018 13:05:18 +0000 (14:05 +0100)]
WDR4900v1 remove dt node for absent hw crypto.

The WDR4900v1 uses the P1040 SoC, so the device tree pulls in the
definition for the related P1010 SoC.  However, the P1040 lacks the
CAAM/SEC4 hardware crypto accelerator which the P1010 device tree
defines.  If left defined, this causes the CAAM drivers (if present) to
attempt to use the non-existent device, making various crypto-related
operations (e.g. macsec and ipsec) fail.

This commit overrides the incorrect dt node definition in the included
file.

See also:
 - https://bugs.openwrt.org/index.php?do=details&task_id=1262
 - https://community.nxp.com/thread/338432#comment-474107

Signed-off-by: Tim Small <tim@seoss.co.uk>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit e97aaf483c71fd5e3072ec2dce53354fc97357c9)

6 years agobuild: fix compile error when a package includes itself in PROVIDES
Felix Fietkau [Fri, 20 Jul 2018 08:40:43 +0000 (10:40 +0200)]
build: fix compile error when a package includes itself in PROVIDES

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 7c306ae640feb4d42b352175de27b034bd917938)

6 years agoapm821xx: fix sata access freezes
Christian Lamparter [Mon, 16 Jul 2018 20:56:35 +0000 (22:56 +0200)]
apm821xx: fix sata access freezes

The original vendor's driver programmed the dma controller's
AHB HPROT values to enable bufferable, privileged mode. This
along with the "same priorty for both channels" fixes the
freezes according to @takimata, @And.short, that have been
reported on the forum by @ticerex.

Furtheremore, @takimata reported that the patch also improved
the performance of the HDDs considerably:
|<https://forum.lede-project.org/t/wd-mybook-live-duo-two-disks/16195/55>
|It seems your patch unleashed the full power of the SATA port.
|Where I was previously hitting a really hard limit at around
|82 MB/s for reading and 27 MB/s for writing, I am now getting this:
|
|root@OpenWrt:/mnt# time dd if=/dev/zero of=tempfile bs=1M count=1024
|1024+0 records in
|1024+0 records out
|real    0m 13.65s
|user    0m 0.01s
|sys     0m 11.89s
|
|root@OpenWrt:/mnt# time dd if=tempfile of=/dev/null bs=1M count=1024
|1024+0 records in
|1024+0 records out
|real    0m 8.41s
|user    0m 0.01s
|sys     0m 4.70s
|
|This means: 121 MB/s reading and 75 MB/s writing!
|
|[...]
|
|The drive is a WD Green WD10EARX taken from an older MBL Single.
|I repeated the test a few times with even larger files to rule out
|any caching, I'm still seeing the same great performance. OpenWrt is
|now completely on par with the original MBL firmware's performance.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
6 years agoRevert "iproute2: tc: bump to support kmod-sched-cake"
Kevin Darbyshire-Bryant [Thu, 19 Jul 2018 08:16:42 +0000 (09:16 +0100)]
Revert "iproute2: tc: bump to support kmod-sched-cake"

This reverts commit 8d4da3c5898ae3b594530b16c6f2ab79a2b7095b.

17.01.5 encountered mismatch between kmod version ABI & iproute2/tc
version ABI.  Revert for now, revisit for 17.01.6

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoRevert "kmod-sched-cake: bump to 20180716"
Kevin Darbyshire-Bryant [Thu, 19 Jul 2018 08:15:00 +0000 (09:15 +0100)]
Revert "kmod-sched-cake: bump to 20180716"

This reverts commit 0e1606ba3d3b068e9261832c2e31f38df47f447b.

17.01.5 encountered mismatch between kmod version ABI & iproute2/tc
version ABI.  Revert for now, revisit for 17.01.6

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoscripts: bundle-libraries: fix build on OS X (FS#1493)
Jo-Philipp Wich [Thu, 26 Apr 2018 14:04:37 +0000 (16:04 +0200)]
scripts: bundle-libraries: fix build on OS X (FS#1493)

This allegedly fixes compilation of the library bundler preload library on
Apple OS X. The resulting executables have not been runtime tested due to a
lack of suitable test hardware.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 746c590882b96d5ed4d4115e4bdab4c838af7806)

6 years agobuild: bundle-libraries.sh: patch bundled ld.so
Jo-Philipp Wich [Thu, 25 Jan 2018 16:12:29 +0000 (17:12 +0100)]
build: bundle-libraries.sh: patch bundled ld.so

Remove references to /etc/, /lib/ and /usr/ from the bundled ld.so
interpreter using simple binary patching.

This is needed to prevent loading host system libraries such as
libnss_compat.so.2 on foreign systems, which may result in ld.so
inconsistency assertions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit a9a43f3d791da40893832616e79bbeed198a1ddb)

6 years agomtd: improve check for TRX header being already fixed
Rafał Miłecki [Sun, 15 Jul 2018 21:23:42 +0000 (23:23 +0200)]
mtd: improve check for TRX header being already fixed

First of all lengths should be compared after checking all blocks for
being good/bad. It's because requested length may differ from a final
one if there were some bad blocks.

Secondly it makes sense to also compare crc32 since we already have a
new one calculated.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 82498a7f7aa86ad0e93ef60d50dccaa0a9549e4c)

6 years agomtd: support bad blocks within the mtd_fixtrx()
Rafał Miłecki [Sun, 15 Jul 2018 14:51:41 +0000 (16:51 +0200)]
mtd: support bad blocks within the mtd_fixtrx()

Reading MTD data with (p)read doesn't return any error when accessing
bad block. As the result, with current code, CRC32 covers "data" stored
in bad blocks.

That behavior doesn't match CFE's one (bootloader simply skips bad
blocks) and may result in:
1) Invalid CRC32
2) CFE refusing to boot firmware with a following error:
Boot program checksum is invalid

Fix that problem by checking every block before reading its content.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0f54489f754e7bd34e0430c57a11b6a54740d58e)

6 years agoiproute2: tc: bump to support kmod-sched-cake
George Amanakis [Sun, 15 Jul 2018 08:47:49 +0000 (04:47 -0400)]
iproute2: tc: bump to support kmod-sched-cake

Signed-off-by: George Amanakis <gamanakis@gmail.com>
6 years agokmod-sched-cake: bump to 20180716
Kevin Darbyshire-Bryant [Sun, 15 Jul 2018 10:01:15 +0000 (11:01 +0100)]
kmod-sched-cake: bump to 20180716

Bump to the latest cake recipe.

This backports tc class support to kernel 4.9 and other than conditional
kernel compilation pre-processor macros represents the cake that has
gone upstream into kernel 4.19.  Loud cheer!

Fun may be had by changing cake tin classification for packets on
ingress. e.g.

tc filter add dev ifb4eth0 parent 800b: protocol ip u32 match \
ip dport 6981 0xffff action skbedit priority 800b:1

Where 800b: represents the filter handle for the ifb obtained by 'tc
qdisc' and the 1 from 800b:1 represents the cake tin number.  So the
above example puts all incoming packets destined for port 6981 into the
BULK (lowest priority) tin.

f39ab9a Obey tin_order for tc filter classifiers
1e2473f Clean up after latest backport.
82531d0 Reorder includes to fix out of tree compilation
52cbc00 Code style cleanup
6cdb496 Fix argument order for NL_SET_ERR_MSG_ATTR()
cab17b6 Remove duplicate call to qdisc_watchdog_init()
71c7991 Merge branch 'backport-classful'
32aa7fb Fix compilation on Linux 4.9
9f8fe7a Fix compilation on Linux 4.14
ceab7a3 Rework filter classification
aad5436 Fixed version of class stats
be1c549 Add cake-specific class stats
483399d Use tin_order for class dumps
80dc129 Add class dumping
0c8e6c1 Fix dropping when using filters
c220493 Add the minimum class ops
5ed54d2 Start implementing tc filter/class support

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit c729c43b391e759b6700b28c8e02ba93fe15f8c2)

6 years agoLEDE v17.01.5: revert to branch defaults
Hauke Mehrtens [Sun, 15 Jul 2018 19:25:20 +0000 (21:25 +0200)]
LEDE v17.01.5: revert to branch defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agoLEDE v17.01.5: adjust config defaults v17.01.5
Hauke Mehrtens [Sun, 15 Jul 2018 19:25:16 +0000 (21:25 +0200)]
LEDE v17.01.5: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agokernel: bump kernel 4.4 to version 4.4.140
Hauke Mehrtens [Fri, 13 Jul 2018 18:54:11 +0000 (20:54 +0200)]
kernel: bump kernel 4.4 to version 4.4.140

These two patches:
        target/linux/ar71xx/patches-4.4/403-mtd_fix_cfi_cmdset_0002_status_check.patch
        target/linux/ramips/patches-4.4/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
are replaced by upstream commit 242dbd2b3df ("mtd: cfi_cmdset_0002:
Change erase functions to check chip good only")

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agokernel: bump kernel 4.4 to version 4.4.139
Hauke Mehrtens [Tue, 3 Jul 2018 17:37:55 +0000 (19:37 +0200)]
kernel: bump kernel 4.4 to version 4.4.139

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agobase-files: fix links in banner.failsafe
Sven Roederer [Tue, 12 Jun 2018 20:48:39 +0000 (22:48 +0200)]
base-files: fix links in banner.failsafe

Update the link to the current section in the documentaion wiki.
This fixes https://github.com/openwrt/packages/issues/6282

Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
6 years agoar71xx: fix 5 GHz Wi-Fi on NBG6716
Matti Laakso [Sun, 14 Jan 2018 15:39:53 +0000 (17:39 +0200)]
ar71xx: fix 5 GHz Wi-Fi on NBG6716

Some NBG6716 do not have ath10k calibration data in flash, only in chip
OTP. To determine if flash has a valid calibration data, the first two
bytes telling the length of the calibration data are checked against the
requested length. If the lengths match, calibration data is valid and
read from flash.

Signed-off-by: Matti Laakso <matti.laakso@outlook.com>
6 years agoRevert "base-files: fix UCI config parsing and callback handling"
Hans Dedecker [Thu, 21 Jun 2018 19:26:13 +0000 (21:26 +0200)]
Revert "base-files: fix UCI config parsing and callback handling"

This reverts commit b6a1f43075f96b0028e33ed1af1fe31068791d24 as users
report Qos scripts are broken (FS1602)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agokernel: bump kernel 4.4 to version 4.4.138
Hauke Mehrtens [Sat, 16 Jun 2018 19:05:00 +0000 (21:05 +0200)]
kernel: bump kernel 4.4 to version 4.4.138

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agouci: add missing 'option' support to uci_rename()
Tony Ambardar [Tue, 25 Apr 2017 09:16:56 +0000 (02:16 -0700)]
uci: add missing 'option' support to uci_rename()

When using the uci.sh wrapper, allow parameters to match those supported
by the uci binary i.e. "uci rename <config>.<section>[.<option>]=<name>".

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
6 years agomac80211: rt2x00: no longer use TXOP_BACKOFF for probe frames
Daniel Golle [Mon, 28 May 2018 13:45:43 +0000 (15:45 +0200)]
mac80211: rt2x00: no longer use TXOP_BACKOFF for probe frames

Import a revert-commit from Stanislaw Gruszka which significantly
improves WiFi performance on rt2x00 based hardware.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from commit f4a639a3d7d40b4f63c431c2d554c479fbcc6b74)

6 years agokernel: bump kernel 4.4 to version 4.4.137
Hauke Mehrtens [Sat, 9 Jun 2018 13:59:41 +0000 (15:59 +0200)]
kernel: bump kernel 4.4 to version 4.4.137

The new option CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE was added, in this
commit:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.4.y&id=ffe4bf3eb3cfa10f9ef295c08c21f4fe3bb07e21
Handle it by setting it to the opposite value
CONFIG_CC_OPTIMIZE_FOR_SIZE is set to.

Tested on lantiq

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agomap: add ealen as configurable uci parameter
Hans Dedecker [Thu, 24 Aug 2017 18:53:36 +0000 (20:53 +0200)]
map: add ealen as configurable uci parameter

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agobase-files: fix UCI config parsing and callback handling
Tony Ambardar [Thu, 8 Mar 2018 05:00:45 +0000 (21:00 -0800)]
base-files: fix UCI config parsing and callback handling

There are several long-standing issues present in the UCI shell API as
documented in https://wiki.openwrt.org/doc/devel/config-scripting. They
relate both to high-level, user-defined callback functions used to
process UCI config files, and also to low-level functions used within
scripts generally.

The related problems have been encountered now and in the past, e.g.
https://forum.openwrt.org/viewtopic.php?id=54295, and include:

a) UCI parsing option() function and user-defined option_cb() callbacks
being erroneously called during processing of "list" config file entries;

b) normal usage of the low-level config_set() unexpectedy calling any
defined option_cb() if present; and

c) handling of the list_cb() not respecting the NO_CALLBACK variable.

Root causes include a function stack "inversion", where the low-level
config_set() function incorrectly calls the high-level option() function,
intended only for processing the "option" keyword of UCI config files.

This change addresses the inversion and other issues, making the option
handling code more consistent and smaller, and simplifying developers'
usage of UCI callbacks.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
6 years agomtd: add build hack to reintroduce shared mtd for older releases
Jo-Philipp Wich [Wed, 6 Jun 2018 11:41:26 +0000 (13:41 +0200)]
mtd: add build hack to reintroduce shared mtd for older releases

When running in SDK context, treat the mtd package as shared to reintroduce
the common repository binary package for older released IBs.

When building outside of the SDK, create a nonshared package with a higher
PKG_REVISION to let opkg prefer that over the shared one in the common repo.

Ref: https://forum.lede-project.org/t/17-01-4-opkg-install-cmd-cannot-install-package-mtd/15312
Fixes: aaac9e82aa ("mtd: mark as nonshared to fix FS#484")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agomtd: mark as nonshared to fix FS#484
Mirko Parthey [Thu, 31 May 2018 13:24:31 +0000 (15:24 +0200)]
mtd: mark as nonshared to fix FS#484

Upstream commit: 46d7ced9d1e104693a9f995bfe8a6e28ac82b592

The mtd tool is built with different configurations depending on the
target. For example, brcm47xx adds the fixtrx subcommand, without which
an image fails when booting the second time.

Mark the mtd package as nonshared to really fix FS#484.

Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
6 years agoustream-ssl: update to latest git HEAD
John Crispin [Tue, 22 May 2018 18:44:34 +0000 (20:44 +0200)]
ustream-ssl: update to latest git HEAD

Upstream commit: 346d4c75eaa7a1d9bc8fcddc5db10a6aca95c005

5322f9d mbedtls: Fix setting allowed cipher suites
e8a1469 mbedtls: Add support for a session cache

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoustream-ssl: update to latest git HEAD
John Crispin [Tue, 1 May 2018 09:11:16 +0000 (11:11 +0200)]
ustream-ssl: update to latest git HEAD

Upstream commit: 52ba5760b771d873fe21d260e3b53506663b6144

527e700 ustream-ssl: Remove RC4 from ciphersuite in server mode.
39a6ce2 ustream-ssl: Enable ECDHE with OpenSSL.
45ac930 remove polarssl support

Signed-off-by: John Crispin <john@phrozen.org>
6 years agombedtls: Activate the session cache
Hauke Mehrtens [Mon, 21 May 2018 11:58:53 +0000 (13:58 +0200)]
mbedtls: Activate the session cache

Upstream commit: f2c8f6dc3249b506b915741d12905402dfffe162

This make sit possible to store informations about a session and reuse
it later. When used by a server it increases the time to create a new
TLS session from about 1 second to less than 0.1 seconds.

The size of the ipkg file increased by about 800 Bytes.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agombedtls: update mbedtls to version 2.7.3
Hauke Mehrtens [Sat, 2 Jun 2018 10:07:35 +0000 (12:07 +0200)]
mbedtls: update mbedtls to version 2.7.3

This fixes some minor security problems and other bugs.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agokernel: bump kernel 4.4 to 4.4.135 for 17.01
Hauke Mehrtens [Wed, 30 May 2018 19:39:51 +0000 (21:39 +0200)]
kernel: bump kernel 4.4 to 4.4.135 for 17.01

* Refreshed patches

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agoar71xx: Deactivate build of Netgear WNR2000v3
Hauke Mehrtens [Sat, 2 Jun 2018 10:00:11 +0000 (12:00 +0200)]
ar71xx: Deactivate build of Netgear WNR2000v3

This devices always looses the settings after power loss, nothing is
been saved.
Deactivate building this image till this problem is fixed.
See FS#672

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agomvebu: Add support for WRT3200ACM with new NAND flash
Imre Kaloz [Thu, 15 Feb 2018 18:57:05 +0000 (19:57 +0100)]
mvebu: Add support for WRT3200ACM with new NAND flash

Newer Linksys boards might come with a Winbond W29N02GV which can be
configured in different ways. Make sure we configure it the same way as
the older chips so everything keeps working.

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
6 years agobrcm47xx: add switch port mapping to Asus WL-500W
Mirko Parthey [Tue, 22 May 2018 19:23:36 +0000 (21:23 +0200)]
brcm47xx: add switch port mapping to Asus WL-500W

Switch ports 0..3 are connected to external ports LAN{1..4} in sequence,
switch port 4 is not used, and switch port 5 is connected to the CPU.
The WAN port is attached to the CPU's second network interface; it has no
connection to the internal switch.

Reuse the "Dell TrueMobile 2300" entry, which describes the same mapping.

Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
6 years agoodhcpd: fix managed address configuration setting
Hans Dedecker [Sun, 27 May 2018 20:08:52 +0000 (22:08 +0200)]
odhcpd: fix managed address configuration setting

59339a7 router: fix managed address configuration setting

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoapm821xx: Add default packages to NAND target
Chris Blake [Fri, 31 Mar 2017 09:31:21 +0000 (04:31 -0500)]
apm821xx: Add default packages to NAND target

This moves core router packages to the NAND target, to ensure they are
applied to all images. This change is being done due to an issue found
when flashing the MX60W image, which came without these when built as a
multi image.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
(cherry picked from commit d1c3a9485a90fff9bf7083faba4138e14dcdae7d)